CVE-2024-6768

MEDIUM

Windows 10, 11, Server 2016, 2019, 2022 - Authenticated Denial of Service via CLFS.sys KeBugCheckEx Call

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-6768. PoCs published by fortra.

AI-analyzed exploit summary CVE-2024-6768 is a DoS vulnerability in CLFS.sys due to improper validation of input quantities, leading to a BSoD via a crafted .BLF file. The PoC demonstrates triggering KeBugCheckEx by manipulating the lsnOwnerPage field in the _CLFS_CLIENT_CONTEXT structure.

Description

A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.

Exploits (1)

nomisec WORKING POC 15 stars
by fortra · poc
https://github.com/fortra/CVE-2024-6768

CVE-2024-6768 is a DoS vulnerability in CLFS.sys due to improper validation of input quantities, leading to a BSoD via a crafted .BLF file. The PoC demonstrates triggering KeBugCheckEx by manipulating the lsnOwnerPage field in the _CLFS_CLIENT_CONTEXT structure.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Windows 10, Windows 11, Windows Server 2016/2019/2022 (CLFS.sys)
No auth needed
Prerequisites: Unprivileged user access · Ability to create/modify .BLF files
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v4 6.8
EPSS 0.0251
EPSS Percentile 82.6%
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-1284
Status published
Products (5)
Microsoft/Windows 10 10.0.0
Microsoft/Windows 11 10.0.0
Microsoft/Windows Server 2016 10.0.0
Microsoft/Windows Server 2019 10.0.0
Microsoft/Windows Server 2022 10.0.0
Published Aug 12, 2024
Tracked Since Feb 18, 2026